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WHAT IS CLAIMED IS: 

1. An authentication method in an Ethernet passive optical network (EPON) 
comprising the steps of: 

(A) causing an optical line terminal (OLT) to receive, from an optical network unit 
5 (ONU), a packet informing of the start of an authentication process, and, responsive to that 

receipt, controlling the OLT to transmit, to the ONU, a packet for requesting an identifier of 
the ONU; 

(B) causing the OLT to receive from the ONU the identifier and to compare the 
identifier to a previously stored value to determine whether the identifier corresponds to the 

1 0 previously stored value; 

(C) transmitting an authentication success packet to the ONU when it is determined 
at the step (B) that the correspondence exists; 

(D) transmitting an authentication failure packet to the ONU when it is determined 
at the step (B) that the correspondence does not exist; and 

15 (E) after completion of the step (C) or (D), controlling the OLT to inform the ONU 

that an authentication process has ended. 

2. The authentication method according to claim 1, wherein the identifier of the 
ONU is a username. 

15 



P10997/5000-1-441 

3. The authentication method according to claim 2, wherein each of the packets 
used in the authentication method includes: 

a destination address (DA) field for indicating a destination of the packet; 
a source address (SA) field for indicating a source of the packet; 
a logical link identifier (LLID) field for indicating an LLID; 
a type field for indicating an Ethertype of the packet; 

a sub-type field for identifying the packet when its type field is identical to those of 
other packets; 

a version field for indicating version information of the packet; 

a code field for indicating an authentication operation based on the packet; 

a data/protocol data unit (PDU) field for indicating data of the packet; and 

a frame check sequence (FCS) field for indicating FCS information for detecting 
errors of a frame, corresponding to the packet, included in information to be transmitted in 
the unit of frames, the FCS information being arranged at a tail end of the frame. 

4. The authentication method according to claim 3, wherein the code field includes: 



a value 


"0x00" 


for indicating start of an authentication process; 


a value 


"0x01" 


for indicating a request for authentication contents; 


a value 


"0x02" 


for indicating transmission of authentication contents; 


a value 


"0x03" 


for indicating the end of an authentication process; 


a value 


"0x04" 


for indicating authentication success; and 


a value 


"0x05" 


for indicating authentication failure. 
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5. The authentication method according to claim 1, wherein each of the packets 
used in the authentication method includes: 

a destination address (DA) field for indicating a destination of the packet; 
a source address (SA) field for indicating a source of the packet; 
a logical link identifier (LLID) field for indicating an LLK); 
a type field for indicating an Ethertype of the packet; 

a sub-type field for identifying the packet when its type field is identical to those of 
other packets; 

a version field for indicating version information of the packet; 

a code field for indicating an authentication operation based on the packet; 

a data/protocol data unit (PDU) field for indicating data of the packet; and 

a frame check sequence (FCS) field for indicating FCS information for detecting 
errors of a frame, corresponding to the packet, included in information to be transmitted in 
the unit of frames, the FCS information being arranged at a tail end of the frame. 

6. The authentication method according to claim 5, wherein the code field includes: 
a value "0x00" for indicating start of an authentication process; 

a value "0x01" for indicating a request for authentication contents; 
a value "0x02" for indicating transmission of authentication contents; 
a value "0x03" for indicating the end of an authentication process; 
a value "0x04" for indicating authentication success; and 
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a value "0x05" for indicating authentication failure. 

7. An authentication method in an Ethernet passive optical network (EPON) 
comprising the steps of: 

5 (A) controlling an optical network unit (ONU) to transmit, to an optical line 

terminal (OLT), a packet informing of the start of an authentication process, and causing 
the ONU to receive, from the OLT, a packet for requesting an identifier of the ONU; 

(B) controlling the ONU to transmit to the OLT the identifier of the ONU; 

(C) receiving at the ONU an authentication success packet in response to 
10 transmission of the authentication success packet when it is determined that a 

correspondence exists between the identifier and a value previously stored in the OLT, and 
proceeding with processing at the ONU based on that determination; 

(D) receiving at the ONU an authentication success packet in response to 
transmission of the authentication failure packet when it is determined that the 

15 correspondence does not exist, and proceeding with processing at the ONU based on the 
determination that the correspondence does not exist; and 

(E) causing the ONU to receive, from the OLT, a packet informing that an 
authentication process has ended, the informing packet being sent as a result of said 
determination of the step (C) or (D). 

20 8. The authentication method according to claim 7, wherein the identifier of the 

ONU is a username. 
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9. The authentication method according to claim 8, wherein each of the packets 
used in the authentication method includes: 

a destination address (DA) field for indicating a destination of the packet; 
a source address (SA) field for indicating a source of the packet; 
5 a logical link identifier (LLDD) field for indicating an LLID; 

a type field for indicating an Ethertype of the packet; 

a sub-type field for identifying the packet when its type field is identical to those of 
other packets; 

a version field for indicating version information of the packet; 
10 a code field for indicating an authentication operation based on the packet; 

a data/protocol data unit (PDU) field for indicating data of the packet; and 
an frame check sequence (FCS) field for indicating FCS information for detecting 
errors of a frame, corresponding to the packet, included in information to be transmitted in 
the unit of frames, the FCS information being arranged at a tail end of the frame. 

15 10. The authentication method according to claim 9, wherein the code field 

includes: 

a value "0x00" for indicating start of an authentication process; 

a value "0x01" for indicating a request for authentication contents; 

a value "0x02" for indicating transmission of authentication contents; 

20 a value "0x03" for indicating an end of an authentication process; 
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a value "0x04" for indicating authentication success; and 
a value "0x05" for indicating authentication failure. 

11. The authentication method according to claim 7, wherein each of the packets 
used in the authentication method includes: 

a destination address (DA) field for indicating a destination of the packet; 
a source address (SA) field for indicating a source of the packet; 
a logical link identifier (LLID) field for indicating an LLID; 
a type field for indicating an Ethertype of the packet; 

a sub-type field for identifying the packet when its type field is identical to those of 
other packets; 

a version field for indicating version information of the packet; 

a code field for indicating an authentication operation based on the packet; 

a data/protocol data unit (PDU) field for indicating data of the packet; and 

an frame check sequence (FCS) field for indicating FCS information for detecting 
errors of a frame, corresponding to the packet, included in information to be transmitted in 
the unit of frames, the FCS information being arranged at a tail end of the frame. 

12. The authentication method according to claim 11, wherein the code field 
includes: 

a value "0x00" for indicating start of an authentication process; 

a value "0x01" for indicating a request for authentication contents; 
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a value "0x02" for indicating transmission of authentication contents; 
a value "0x03" for indicating an end of an authentication process; 
a value "0x04" for indicating authentication success; and 
a value "0x05" for indicating authentication failure. 

13. An authentication apparatus in an Ethernet passive optical network (EPON) 
comprising: 

a bus interface for inputting data from an external router, and outputting data to the 
external router; 

a control unit for receiving an OAM (Operation, Administration and Maintenance) 
packet in accordance with an authentication process and to control data services for an 
optical network unit (ONU); and 

a downstream unit for switching data received via the bus interface under control of 
the control unit. 

14. The authentication apparatus according to claim 13, wherein the control unit 
controls a switching operation of a downstream port included in the downstream unit, based 
on the received OAM packet, a logical link ID (LLID) and an ACT (Authentication Control 
Table) and according to an ALTM (Address Lookup Table Management) protocol. 
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15. A computer-readable recording medium having, recorded within, a program 
executable by a processor of an optical line terminal (OLT) of an Ethernet passive optical 
network (EPON), the program comprising: 

(A) instructions which, when executed by said processor, cause the OLT to receive, 
5 from an optical network unit (ONU), a packet informing of the start of an authentication 

process, and, responsive to that receipt, controlling t he OLT to transmit, to the ONU, a 
packet for requesting an identifier of the ONU; 

(B) instructions which, when executed by said processor, cause the OLT to receive 
from the ONU the identifier and to compare the identifier to a previously stored value to 

10 determine whether the identifier corresponds to the previously stored value; 

(C) instructions which, when executed by said processor, cause transmission of an 
authentication success packet to the ONU when it is determined that the correspondence 
exists; 

(D) instructions which, when executed by said processor, cause transmission of an 
15 authentication failure packet to the ONU when it is determined that the correspondence 

does not exist; and 

(E) instructions which, when executed by said processor, control the OLT to inform, 
after execution of the (C) instructions or the (D) instructions, the ONU that an 
authentication process has ended. 



20 16. The medium according to claim 15, wherein the identifier of the ONU is a 

username. 
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1 7. T he m edium a ccording t o claim 1 6, w herein e ach o f t he p ackets u sed i n t he 
authentication method includes: 

a destination address (DA) field for indicating a destination of the packet; 
a source address (SA) field for indicating a source of the packet; 
a logical link identifier (LLID) field for indicating an LLID; 
a type field for indicating an Ethertype of the packet; 

a sub-type field for identifying the packet when its type field is identical to those of 
other packets; 

a version field for indicating version information of the packet; 

a code field for indicating an authentication operation based on the packet; 

a data/protocol data unit (PDU) field for indicating data of the packet; and 

a frame check sequence (FCS) field for indicating F CS information for detecting 
errors of a frame, corresponding to the packet, included in information to be transmitted in 
the unit of frames, the FCS information being arranged at a tail end of the frame. 

18. A computer-readable recording medium having, recorded within, a program 
executable by a processor of an optical network unit (ONU) of an Ethernet passive optical 
network (EPON), the program comprising: 

(A) instructions which, when executed by said processor, control the ONU to 
transmit, to an optical line terminal (OLT), a packet informing of the start of an 
authentication process, and cause the ONU to receive, from the OLT, a packet for 
requesting an identifier of the ONU; 
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(B) instructions which, when executed by said processor, control the ONU to 
transmit to the OLT the identifier of the ONU; 

(C) instructions which, when executed by said processor, cause the ONU to receive 
an authentication success packet in response to transmission of the authentication success 

5 packet when it is determined that a correspondence exists between the identifier and a value 
previously stored in the OLT, and to proceed with processing at the ONU based on that 
determination; 

(D) instructions which, when executed by said processor, cause the ONU to receive 
an authentication failure packet when it is determined that the correspondence does not 

10 exist, and to proceed with processing at the ONU based on the determination that the 
correspondence does not exist; and 

(E) instructions which, when executed by said processor, cause the ONU to receive, 
from the OLT, a packet informing that an authentication process has ended, the informing 
being sent as a result of the determination that the correspondence does or does not exist. 

15 

19. The medium according to claim 18, wherein the identifier of the ONU is a 
username. 

20. T he m edium a ccording t o claim 1 9, w herein e ach o f t he p ackets u sed i n t he 
authentication method includes: 

20 a destination address (DA) field for indicating a destination of the packet; 

a source address (SA) field for indicating a source of the packet; 
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a logical link identifier (LLID) field for indicating an LLE); 
a type field for indicating an Ethertype of the packet; 

a sub-type field for identifying the packet when its type field is identical to those of 
other packets; 

a version field for indicating version information of the packet; 

a code field for indicating an authentication operation based on the packet; 

a data/protocol data unit (PDU) field for indicating data of the packet; and 

a frame check sequence (FCS) field for indicating F CS information for d etecting 
errors of a frame, corresponding to the packet, included in information to be transmitted in 
the unit of frames, the FCS information being arranged at a tail end of the frame. 



25 



